# Veza Stream Server — Environment Template
# Copy to .env and fill with real values. Never commit .env.

# Security (required, min 32 chars)
SECRET_KEY=your-secret-key-minimum-32-characters-long
# v0.9.1 RS256: path to public key (preferred); or JWT_SECRET for HS256
# JWT_PUBLIC_KEY_PATH=/path/to/jwt-public.pem
JWT_SECRET=your-jwt-secret-minimum-32-characters-long

# Internal API key for stream-events callbacks to backend (must match STREAM_SERVER_INTERNAL_API_KEY on backend)
# Backend validates X-Internal-API-Key on POST /api/v1/internal/stream-events
INTERNAL_API_KEY=

# Database
DATABASE_URL=postgres://user:password@host:5432/veza?sslmode=disable

# Message queue (optional)
RABBITMQ_URL=amqp://user:password@host:5672/%2f

# CORS — use specific origins in production, never *
ALLOWED_ORIGINS=https://veza.fr,https://app.veza.fr

# Storage
AUDIO_DIR=audio
STREAM_PORT=3002